git: return strdup()ed empty string on error in pop_cstring

The pop_cstring() function is used by the git parser to
duplicate a quoted string. On error, it returns an empty
string literal. Since the caller expects a copied string
and takes ownership of that string, it will ultimately
be freed.

Concrete example: a log with erroneous cylinder data was opened
getting such an empty string literal as description. On closing or
syncing with the cloud, the dive is freed, leading to a free
of the string literal -> crash.

Return a copy of the empty string instead.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
This commit is contained in:
Berthold Stoeger 2020-03-16 18:00:20 +01:00 committed by Dirk Hohndel
parent 0a463aad36
commit 71f573da2a

View file

@ -334,11 +334,11 @@ static char *pop_cstring(struct membuffer *str, const char *err)
if (!str) { if (!str) {
report_error("git-load: string marker without any strings ('%s')", err); report_error("git-load: string marker without any strings ('%s')", err);
return ""; return strdup("");
} }
if (!str->len) { if (!str->len) {
report_error("git-load: string marker after running out of strings ('%s')", err); report_error("git-load: string marker after running out of strings ('%s')", err);
return ""; return strdup("");
} }
len = strlen(mb_cstring(str)) + 1; len = strlen(mb_cstring(str)) + 1;
return remove_from_front(str, len); return remove_from_front(str, len);